Enable Passwordless Authentication
-
Go to Users » your identity pool » Sign-In and Sign-Up.
-
Add Authentication Methods in the Sign In dropdown menu.
You can set the following passwordless authentication methods:
-
Passkeys
-
Verification Code
It is also possible to use Magic Links but only through API integration.
Remember
If you wish to integrate with Cloudentity APIs and build your own login page, you must still enable the authentication methods of your choice in your pool settings to be able to successfully authenticate users.
-
-
You can set one of the authentication methods to preferred by selecting the three dots next to the authentication method of your choice and selecting Change to Preferred.
Changing an authentication method to preferred results in displaying this authentication method as first available choice for the user when they are to sign in to their account. All other configured authentication methods are still available.
-
In the workspace the Identity Pool is connected to, make sure the token issue policy allows the tokens to be issued with an appropiate
amr
claim.You can do that in workspace Settings » Authorization » Token issue policy.
For example, by default, the Demo workspace has the NIST-AAL-1 User policy assigned which allows to issue tokens only if the
amr
authentication context attribute is set topwd
(password). In such case, the policy must allow theamr
claim to be set tootp
if you are using verification codes or magic links and topop
if you are using passkeys.
Integrate Custom Sign In Pages For Passwordless Authentication
If you wish to use a custom sign in page and integrate it with Cloudentity, see the Integrate Sign In Pages for Passwordless Authentication article.